5 Replies Latest reply on Dec 29, 2011 2:09 AM by kuttus

    PING.EXE

      My PC has been infected with something that keeps running PING.exe.  This ultimately exhausts the CPU and memory until the PC shuts down 9Blue screen).  It then reboots. 

       

      I am an ATT customer and have McAfee' package offered there.  McAfee will not stop this thing.   Normally McAfee takes care of every problem, but this one it misses.  Has anyone had any experience with removing this bug?   How did it get past McAfee's protection? 

        • 1. Re: PING.EXE

          I forgot to mention that I have to use the Task Manager to kill the PING process before it kills the PC.  Use End Process to stop PING from running otherwise the PC will eventually, in just a few minutes, become totally overloaded and reboot (blue screen). 

           

          Also, this bug seems to not be as aggressive when not connected to the internet.

          • 2. Re: PING.EXE
            Peacekeeper

            http://jdsportsonline.com/computer/issues/ping-exe-wouldnt-stop-how-i-stopped-it .html

             

            Really not familiar with why it happens to be safe run some of these as well as mcafee

             

            McAfee Communities: Anti-Spyware, Malware & Hijacker Tools

             

            Further read imples it is probably malware so try the programs in the link

            • 3. Re: PING.EXE

              Well, McAfee did not find the problem.  So, I searched the internet for solutions to the PING.exe problem.  I found something called AVAST.  They offered a free 29 day download so I downloaded it and ran it.  The full system scan by AVAST found 5 problems.    I have McAfee through my subscription to ATT DSL.

               

              The malicious files as reported by AVAST are shown here.   Will wait and see if the problem is really fixed. 

               

              Scan results__12282011.jpg

              • 4. Re: PING.EXE
                Peacekeeper

                The dfsc,sys files are legit though malware can infect them . Worth posting them on www.virustotal.com and see what the scanners say.

                 

                Worth also scanning with getsusp amnd Malwarebytes from the list I gave you. I assume Mcafee uninstalled as it and avast would not play well together

                • 5. Re: PING.EXE

                  Trojan.Zeroaccess :  Trojan.Zeroaccess was detected by Symantec on Jul 12 2011. The number of incidents and its geographical disribution of Trojan.Zeroaccess is low. On Jul 12 2011 Symantec released updates for this Trojan. Norton AntiVirus is capable of protecting your computer against this threat. Removal of trojan Trojan.Zeroaccess is easy. The level of damage Trojan.Zeroaccess can make is low. Trojan.Zeroaccess affects computer systems with Windows XP, Windows Vista, Windows NT, Windows Server 2003, Windows 2000 operating systems.

                  Follow these steps :

                  To check it’s presence you have to do one thing.

                  In Windows XP
                  ———————-

                  Click on the start meanu and press on Run.
                  Inside the Run window type CMD and press on Okay.
                  In the black Command Window type
                  NETSH WINSOCK RESET and hit on enter.

                  If you get a message
                  Sucessfully reset the Winsock Catalog. You must restart the machine in order to complete the reset.” then you are safe.
                  If not your computer is infected. The only solution to fix it is a Fresh Installation.

                  In Windows Vista and Windows 7
                  ————————————–…

                  Click on the Start Menu and in the Search box type CMD
                  At the top you can see a CMD file. Just right click on that file and select Run as

                  Administrator.

                  In the black Command Window type
                  NETSH WINSOCK RESET and hit on enter.

                  If you get a message
                  “Sucessfully reset the Winsock Catalog. You must restart the machine in order to complete the reset.” then you are safe.

                  If not your computer is infected. In windows Vista and Windows 7 a successful system restore will fix the issue. Try a system restore to a good point.

                  After a successful system restore try to do the same step again. If you got the message “Sucessfully reset the Winsock Catalog.
                  You must restart the machine in order to complete the reset.” your computer is safe and secure.